Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36CBA0F/00E1DAE08BBD11EFA1253244762E951A/B45129B48BBD11EF94428948762E951A.roa
File:                     B45129B48BBD11EF94428948762E951A.roa (raw, json)
Hash identifier:          43zaQg7rsnXHb+T9WO52mZLCQHsBhqCHCPb5tuPvMGw=
Subject key identifier:   B2:13:5B:1D:46:D7:46:54:3D:38:75:4F:84:50:6B:CF:A0:F8:D4:85
Certificate issuer:       /CN=F36CBA0FAF/serialNumber=7F85311D43DEA95F4C148C0843FB2C29D3877CCC
Certificate serial:       02
Authority key identifier: 7F:85:31:1D:43:DE:A9:5F:4C:14:8C:08:43:FB:2C:29:D3:87:7C:CC
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/f4UxHUPeqV9MFIwIQ_ssKdOHfMw.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F36CBA0F/00E1DAE08BBD11EFA1253244762E951A/B45129B48BBD11EF94428948762E951A.roa
Signing time:             Wed 16 Oct 2024 12:53:56 +0000
ROA not before:           Wed 16 Oct 2024 12:53:52 +0000
ROA not after:            Mon 16 Oct 2034 12:53:52 +0000
asID:                     329478
IP address blocks:        102.208.28.0/22 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F36CBA0F/00E1DAE08BBD11EFA1253244762E951A/f4UxHUPeqV9MFIwIQ_ssKdOHfMw.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F36CBA0F/00E1DAE08BBD11EFA1253244762E951A/f4UxHUPeqV9MFIwIQ_ssKdOHfMw.mft
                          rsync://rpki.afrinic.net/repository/afrinic/f4UxHUPeqV9MFIwIQ_ssKdOHfMw.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 24 Nov 2024 00:05:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2 (0x2)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F36CBA0FAF/serialNumber=7F85311D43DEA95F4C148C0843FB2C29D3877CCC
        Validity
            Not Before: Oct 16 12:53:52 2024 GMT
            Not After : Oct 16 12:53:52 2034 GMT
        Subject: CN=670fb764-bef9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ce:3a:14:53:e9:16:9f:06:74:a7:dc:c0:4e:4e:
                    23:6b:3c:16:1b:1d:bc:74:4c:42:f2:e4:25:27:57:
                    32:76:af:96:44:79:e8:c1:c8:f9:57:2e:b9:a9:98:
                    bd:18:20:64:23:5b:4e:28:6e:02:ac:88:a0:e1:79:
                    5b:10:37:38:20:5d:44:f9:74:7e:98:55:ab:8f:33:
                    61:a3:3b:23:74:71:55:9d:bc:b7:a8:a4:29:74:6d:
                    c1:49:83:a8:2b:51:4e:b1:4e:9a:a4:44:25:5f:93:
                    8b:69:5f:c8:1c:c4:e6:ef:f3:2a:bb:7d:32:8f:da:
                    02:5c:4b:09:37:27:7c:d5:a1:57:45:7c:22:9c:3b:
                    5d:ed:8f:f4:2d:fd:df:62:e9:49:80:ac:52:d5:13:
                    af:ea:5c:a6:4a:8f:d5:6e:fa:88:cf:78:89:b1:8d:
                    75:11:98:59:37:48:46:f4:10:60:e8:fb:63:06:96:
                    29:a9:0b:fb:b9:f4:38:e0:33:37:b7:f2:cc:5a:63:
                    d9:d1:cb:fd:be:0e:23:19:16:32:92:7a:47:6e:16:
                    f0:fb:90:00:14:29:e0:20:ac:c4:c6:d1:a8:dc:a2:
                    c7:7a:83:39:b4:60:61:b4:30:b2:be:56:d7:68:e7:
                    a7:55:b7:43:6e:d2:65:ea:ff:77:d0:36:71:7a:96:
                    c7:a1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B2:13:5B:1D:46:D7:46:54:3D:38:75:4F:84:50:6B:CF:A0:F8:D4:85
            X509v3 Authority Key Identifier:
                keyid:7F:85:31:1D:43:DE:A9:5F:4C:14:8C:08:43:FB:2C:29:D3:87:7C:CC

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F36CBA0F/00E1DAE08BBD11EFA1253244762E951A/f4UxHUPeqV9MFIwIQ_ssKdOHfMw.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/f4UxHUPeqV9MFIwIQ_ssKdOHfMw.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36CBA0F/00E1DAE08BBD11EFA1253244762E951A/B45129B48BBD11EF94428948762E951A.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  102.208.28.0/22

    Signature Algorithm: sha256WithRSAEncryption
         7d:9c:d1:3f:c0:ba:53:63:59:41:6f:3e:86:54:da:bb:85:21:
         e1:e8:43:8c:78:19:4e:7a:fa:65:01:e6:c5:66:ce:31:df:14:
         76:b2:ce:5e:ef:07:93:89:fe:41:c9:3f:8c:b0:ab:89:ae:93:
         1e:d6:7c:cb:d1:e3:f4:a4:d1:d8:f6:a7:92:5e:77:98:2f:db:
         a2:4a:9b:46:3f:63:89:1f:c7:d6:2e:8a:8a:6b:92:d6:e0:aa:
         19:e9:53:43:00:47:64:59:df:e3:ab:c0:a9:22:25:49:07:6a:
         24:03:00:c2:0a:31:1d:b0:c8:2e:02:e9:ae:e2:e1:90:00:0b:
         a1:1b:8a:4a:ef:10:bb:f9:53:de:61:0d:53:c6:39:1e:10:45:
         e1:b7:ef:8c:bf:5d:8f:19:a7:82:35:e2:fa:73:b5:4a:d2:90:
         b2:df:ff:64:89:98:f9:d4:ba:c1:93:41:21:3f:e8:d8:08:83:
         1f:25:c3:dd:9b:87:57:49:8b:f5:f7:ca:90:ee:fa:34:63:19:
         d3:3d:1c:63:fe:ab:db:52:99:38:e2:12:84:7c:7a:8d:6f:f2:
         8e:a4:e6:bc:ba:6d:01:84:89:f3:c8:f9:56:ee:c4:da:4a:9a:
         ee:31:19:7d:92:10:30:4a:10:ca:68:95:6e:17:9d:22:8b:d6:
         15:e8:cb:c4
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgIBAjANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzZD
QkEwRkFGMTEwLwYDVQQFEyg3Rjg1MzExRDQzREVBOTVGNEMxNDhDMDg0M0ZCMkMy
OUQzODc3Q0NDMB4XDTI0MTAxNjEyNTM1MloXDTM0MTAxNjEyNTM1MlowGDEWMBQG
A1UEAxMNNjcwZmI3NjQtYmVmOTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAM46FFPpFp8GdKfcwE5OI2s8FhsdvHRMQvLkJSdXMnavlkR56MHI+VcuuamY
vRggZCNbTihuAqyIoOF5WxA3OCBdRPl0fphVq48zYaM7I3RxVZ28t6ikKXRtwUmD
qCtRTrFOmqREJV+Ti2lfyBzE5u/zKrt9Mo/aAlxLCTcnfNWhV0V8Ipw7Xe2P9C39
32LpSYCsUtUTr+pcpkqP1W76iM94ibGNdRGYWTdIRvQQYOj7YwaWKakL+7n0OOAz
N7fyzFpj2dHL/b4OIxkWMpJ6R24W8PuQABQp4CCsxMbRqNyix3qDObRgYbQwsr5W
12jnp1W3Q27SZer/d9A2cXqWx6ECAwEAAaOCAqUwggKhMB0GA1UdDgQWBBSyE1sd
RtdGVD04dU+EUGvPoPjUhTAfBgNVHSMEGDAWgBR/hTEdQ96pX0wUjAhD+ywp04d8
zDAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2Q0JBMEYvMDBFMURBRTA4QkJEMTFFRkExMjUzMjQ0NzYyRTk1MUEvZjRVeEhV
UGVxVjlNRkl3SVFfc3NLZE9IZk13LmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvZjRVeEhVUGVxVjlNRkl3SVFfc3NLZE9IZk13LmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2Q0JBMEYvMDBFMURBRTA4QkJEMTFFRkExMjUzMjQ0NzYy
RTk1MUEvQjQ1MTI5QjQ4QkJEMTFFRjk0NDI4OTQ4NzYyRTk1MUEucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAmbQHDANBgkqhkiG9w0BAQsF
AAOCAQEAfZzRP8C6U2NZQW8+hlTau4Uh4ehDjHgZTnr6ZQHmxWbOMd8UdrLOXu8H
k4n+Qck/jLCria6THtZ8y9Hj9KTR2Pankl53mC/bokqbRj9jiR/H1i6KimuS1uCq
GelTQwBHZFnf46vAqSIlSQdqJAMAwgoxHbDILgLpruLhkAALoRuKSu8Qu/lT3mEN
U8Y5HhBF4bfvjL9djxmngjXi+nO1StKQst//ZImY+dS6wZNBIT/o2AiDHyXD3ZuH
V0mL9ffKkO76NGMZ0z0cY/6r21KZOOIShHx6jW/yjqTmvLptAYSJ88j5Vu7E2kqa
7jEZfZIQMEoQymiVbhedIovWFejLxA==
-----END CERTIFICATE-----
Generated at Fri Nov 22 03:52:59 2024 by rpki-client on console-fra.rpki-client.org